Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method, comprising: searching, by a client, for a desired data item in a database server, wherein the database server has a list of data items, by: sending, from the client to the database server, a search request message generated using a first algorithm and based on an encryption of the desired data item; receiving, at the client from the database server, a search response message, wherein the search response message is generated using a second algorithm, based on the search request message, and based on the list of data items in the database server, and wherein the search response message comprises a pair of values; and determining, at the client, that the desired data item is in the database server using a third algorithm and based on the pair of values in the search response message, wherein the third algorithm uses a private key applied to a value of the pair of values; and requesting, from the client, the desired data item from the database server.
This invention relates to secure data search techniques in a client-server environment, addressing the challenge of searching for encrypted data without exposing the search query or the database contents. The method involves a client searching for a specific data item in a database server that stores a list of encrypted data items. The client generates a search request message using a first algorithm, which incorporates an encryption of the desired data item. This request is sent to the database server, which processes it using a second algorithm to produce a search response message. The response includes a pair of values derived from the search request and the database's encrypted data items. The client then applies a third algorithm, utilizing a private key, to one of the values in the response pair to determine whether the desired data item exists in the database. If confirmed, the client requests the actual data item from the server. The system ensures that neither the search query nor the database contents are revealed during the search process, enhancing privacy and security. The algorithms used for request generation, response computation, and verification are distinct, with the third algorithm relying on cryptographic operations involving the private key to validate the presence of the desired data.
2. The method of claim 1 , wherein the desired data item is encrypted using a public key.
A system and method for secure data retrieval involves encrypting a desired data item using a public key to ensure confidentiality during transmission or storage. The data item is then stored in a distributed storage system, where it is accessible only to authorized entities possessing the corresponding private key. The method includes generating a unique identifier for the encrypted data item, which is used to locate and retrieve the data when requested. The system may also include a key management module to handle encryption keys securely, ensuring that only authorized users can decrypt the data. The distributed storage system may be implemented using a peer-to-peer network or a cloud-based storage solution, providing redundancy and fault tolerance. The method further includes verifying the integrity of the retrieved data to ensure it has not been tampered with during storage or transmission. This approach enhances data security by leveraging public-key cryptography, ensuring that sensitive information remains protected from unauthorized access. The system is particularly useful in environments where data must be shared across multiple parties while maintaining confidentiality and integrity.
3. A system, the system comprising: a central processing unit; a storage medium coupled to the central processing unit, wherein the storage medium stores a program for: searching, by a client, for a desired data item in a database server, wherein the database server has a list of data items, by: sending, from the client to the database server, a search request message generated using a first algorithm and based on an encryption of the desired data item; receiving, at the client from the database server, a search response message, wherein the search response message is generated using a second algorithm, based on the search request message, and based on the list of data items in the database server, and wherein the search response message comprises a pair of values; and determining, at the client, that the desired data item is in the database server using a third algorithm and based on the pair of values in the search response message, wherein the third algorithm uses a private key applied to a value of the pair of values; and requesting, from the client, the desired data item from the database server.
The system involves secure data search in a database server using cryptographic techniques. The problem addressed is enabling a client to search for a specific data item in a database without revealing the actual search query to the server, ensuring privacy and security. The system includes a central processing unit and a storage medium storing a program that executes the search process. The client generates a search request message using a first algorithm, which encrypts the desired data item. This encrypted request is sent to the database server, which contains a list of data items. The server processes the request using a second algorithm and returns a search response message containing a pair of values. The client then applies a third algorithm, utilizing a private key, to one of the values in the pair to determine if the desired data item exists in the database. If confirmed, the client requests the actual data item from the server. The system ensures that the search remains private, as the server does not learn the exact data item being searched for, while the client can verify its presence without exposing the query. The cryptographic algorithms ensure secure and efficient search operations.
4. The system of claim 3 , wherein the desired data item is encrypted using a public key.
A system for secure data retrieval in a distributed network addresses the challenge of protecting sensitive information during transmission and storage. The system includes a distributed network of nodes, each capable of storing and retrieving data items. A requester node initiates a search for a desired data item by broadcasting a search query to the network. The search query includes a public key associated with the requester node. Nodes in the network compare the search query to stored data items and identify matches based on predefined criteria. When a match is found, the matching data item is encrypted using the public key provided in the search query. The encrypted data item is then transmitted back to the requester node, ensuring that only the requester, who possesses the corresponding private key, can decrypt and access the data. This encryption step enhances security by preventing unauthorized nodes from accessing the data during transmission. The system ensures secure and efficient data retrieval in a decentralized environment, protecting data integrity and confidentiality throughout the process.
5. A computer program product, the computer program product comprising a non-transitory storage medium storing a program, the program executable by a central processing unit to perform: searching, by a client for a desired data item in a database server, wherein the database server has a list of data items, by: sending, from the client to the database server, a search request message generated using a first algorithm and based on an encryption of the desired data item; receiving, at the client from the database server, a search response message, wherein the search response message is generated using a second algorithm, based on the search request message, and based on the list of data items in the database server, and wherein the search response message comprises a pair of values; and determining, at the client, that the desired data item is in the database server using a third algorithm and based on the pair of values in the search response message, wherein the third algorithm uses a private key applied to a value of the pair of values; and requesting, from the client, the desired data item from the database server.
This invention relates to secure data search systems, specifically methods for searching encrypted data in a database without revealing the search query or the data items. The problem addressed is enabling secure and private searches in databases where data is encrypted, ensuring that neither the client nor the server learns sensitive information during the search process. The system involves a client and a database server. The client searches for a desired data item in the server's encrypted database. The client generates a search request message using a first algorithm, which encrypts the desired data item. This encrypted request is sent to the server. The server processes the request using a second algorithm, comparing it against its list of encrypted data items and generating a search response message containing a pair of values. The client then uses a third algorithm, applying a private key to one of the values in the pair, to determine whether the desired data item exists in the database. If confirmed, the client requests the actual data item from the server. The algorithms ensure that the search remains secure, preventing unauthorized access to the data or the search query. The private key-based verification step allows the client to confirm the presence of the data without exposing it or the search criteria. This approach is useful in applications requiring privacy-preserving data retrieval, such as secure cloud storage or encrypted databases.
6. The computer program product of claim 5 , wherein the desired data item is encrypted using a public key.
A system and method for secure data retrieval in a distributed computing environment addresses the challenge of protecting sensitive data during transmission and storage. The invention involves a computer program product that facilitates the retrieval of a desired data item from a storage system, where the data item is encrypted using a public key. The encryption ensures that only authorized entities possessing the corresponding private key can decrypt and access the data, enhancing security during transmission and storage. The system includes a data retrieval module that processes requests for the encrypted data item, verifies access permissions, and retrieves the encrypted data from a storage system. The storage system may be a distributed database or cloud storage, where the data is stored in an encrypted form to prevent unauthorized access. The retrieval module may also include decryption capabilities, using the private key to decrypt the data for authorized users. The invention ensures secure data handling by combining encryption with access control mechanisms, preventing unauthorized access while allowing legitimate users to retrieve and use the data. This approach is particularly useful in environments where data privacy and security are critical, such as financial transactions, healthcare records, or confidential business communications.
7. The method of claim 1 , wherein the database server is from a plurality of database servers.
A system and method for managing database operations involves a distributed architecture where multiple database servers are used to handle data storage, retrieval, and processing tasks. The system addresses inefficiencies in centralized database management by distributing workloads across a plurality of database servers, improving scalability, fault tolerance, and performance. Each database server in the system is configured to process queries, store data, and communicate with other servers to ensure data consistency and availability. The method includes selecting a database server from the plurality of servers based on factors such as load balancing, server availability, or data locality to optimize performance. The selected server then executes the requested operation, such as querying, updating, or storing data, while coordinating with other servers as needed to maintain synchronization. This distributed approach allows the system to handle large-scale data operations efficiently, reduce bottlenecks, and enhance reliability by leveraging the collective resources of multiple servers. The system may also include mechanisms for failover, replication, and load distribution to ensure continuous operation even if individual servers experience issues.
8. The system of claim 3 , wherein the database server is from a plurality of database servers.
A system for managing database operations includes a database server configured to process queries and a client device that communicates with the database server to execute these queries. The database server is part of a distributed system comprising multiple database servers, allowing for load balancing, redundancy, and improved performance. The client device sends a query to the database server, which processes the query and returns results. The system may include additional components such as a load balancer to distribute queries across the multiple database servers, ensuring efficient resource utilization and fault tolerance. The distributed architecture enables scalability, as additional database servers can be added to handle increased workloads. The system may also include mechanisms for data replication and synchronization across the multiple database servers to maintain consistency and reliability. This approach addresses challenges in centralized database systems, such as single points of failure and limited scalability, by leveraging a distributed infrastructure. The system ensures high availability, fault tolerance, and efficient query processing in large-scale environments.
9. The computer program product of claim 5 , wherein the database server is from a plurality of database servers.
A system for managing database operations involves a database server that processes queries from client devices. The database server includes a query processor that receives and executes database queries, and a query optimizer that improves query performance by analyzing and modifying the queries before execution. The system also includes a query cache that stores frequently used queries and their results to reduce processing time for repeated queries. The database server is part of a distributed system with multiple database servers, allowing for load balancing and redundancy. The query processor distributes incoming queries across the multiple database servers to optimize resource usage and improve response times. The query optimizer dynamically adjusts query execution plans based on real-time performance metrics, such as server load and network latency. The query cache synchronizes across the multiple database servers to ensure consistent query results. This system enhances database performance by efficiently managing query processing, optimizing query execution, and leveraging distributed computing resources.
Unknown
October 13, 2020
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.